Scanned pages/files
| Request | Server response | Status |
http://gipsychef.com/ | 200 OK Content-Length: 8985 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Was Hacked By QD25 ...[6735 bytes skipped]... y Message</font></strong></p> <p><strong><font color="white">:p</font></strong></p> <p><strong><font color="white">But, sorry if you are angry now ? :)</font></strong></p> <p><strong><font color="white">Was Hacked By QD25</font></strong></p> <p><strong><font color="white">Bug Ur Site soon !!!</font></strong></p> <p>____________________________________ </p> <strong><font color="green">BY_QD25</font></strong></br> <p><strong><font color="whit ...[4199 bytes skipped]... | ||
http://deb-x.org/js/jquery-1.6.4.min.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 02 Jun 2015 18:22:57 GMT Pragma: no-cache Location: http://deb-x.org/404.php Server: cloudflare-nginx Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT CF-Cache-Status: MISS CF-RAY: 1f052fc9f9d505af-ARN Set-Cookie: __cfduid=d4db4be1ca93eb90bf916d2fb739ee4b81433269377; expires=Wed, 01-Jun-16 18:22:57 GMT; path=/; domain=.deb-x.org; HttpOnly X-Powered-By: PHP/5.4.36-0+deb7u3 | clean |
http://deb-x.org/404.php | 303 See Other Content-Length: 1064 Content-Type: text/html | clean |
http://deb-x.org/ | 200 OK Content-Length: 9254 Content-Type: text/html | clean |
http://deb-x.org/assets/jquery.js | 200 OK Content-Length: 83619 Content-Type: application/javascript | clean |
http://deb-x.org/assets/jquery-ui.js | 200 OK Content-Length: 228669 Content-Type: application/javascript | clean |
http://deb-x.org/assets/modernizr.mq.js | 200 OK Content-Length: 9789 Content-Type: application/javascript | clean |
http://deb-x.org/assets/global.js | 200 OK Content-Length: 282676 Content-Type: application/javascript | clean |
http://deb-x.org/assets/jquery.ui.touch-punch.js | 200 OK Content-Length: 9073 Content-Type: application/javascript | clean |
http://deb-x.org/theme/quadro/master.js | 200 OK Content-Length: 8066 Content-Type: application/javascript | clean |
http://deb-x.org/page/registration/ | 200 OK Content-Length: 8866 Content-Type: text/html | clean |
http://deb-x.org/page/login/ | 200 OK Content-Length: 10170 Content-Type: text/html | clean |
http://deb-x.org/forum/ | 200 OK Content-Length: 17552 Content-Type: text/html | clean |
http://deb-x.org/modules/forum/script.js | 200 OK Content-Length: 8888 Content-Type: application/javascript | clean |
http://deb-x.org/digishop/ | 200 OK Content-Length: 8510 Content-Type: text/html | clean |
http://deb-x.org/modules/digishop/digishop.js | 200 OK Content-Length: 3537 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gipsychef.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, no-cache
Connection: close
Date: Tue, 02 Jun 2015 18:22:57 GMT
Via: 1.1 varnish-v4
Accept-Ranges: bytes
Age: 0
Server: Apache/2.2.22 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 8985
Content-Type: text/html; charset=utf-8
X-Mod-Pagespeed: 1.9.32.3-4448
X-Powered-By: PHP/5.3.10-1ubuntu3.18
X-Varnish: 1939998
...8985 bytes of data.
GET / HTTP/1.1
Host: gipsychef.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, no-cache
Connection: close
Date: Tue, 02 Jun 2015 18:22:57 GMT
Via: 1.1 varnish-v4
Accept-Ranges: bytes
Age: 0
Server: Apache/2.2.22 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 8985
Content-Type: text/html; charset=utf-8
X-Mod-Pagespeed: 1.9.32.3-4448
X-Powered-By: PHP/5.3.10-1ubuntu3.18
X-Varnish: 1939998
...8985 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: gipsychef.com
Referer: http://www.google.com/search?q=gipsychef.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gipsychef.com
Referer: http://www.google.com/search?q=gipsychef.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gipsychef.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gipsychef.com/
Result: gipsychef.com is not infected or malware details are not published yet.
Result: gipsychef.com is not infected or malware details are not published yet.